CVE-2024-0240 Vulnerability Details

  /     /     /  

CVE-2024-0240 Metadata Quick Info

CVE Published: 15/02/2024 | CVE Updated: 25/09/2024 | CVE Year: 2024
Source: Silabs | Vendor: silabs.com | Product: GSDK
Status : PUBLISHED

CVE-2024-0240 Description

A memory leak in the Silicon Labs\' Bluetooth stack for EFR32 products may cause memory to be exhausted when sending notifications to multiple clients, this results in all Bluetooth operations, such as advertising and scanning, to stop.

Metrics

CVSS Version: 3.1 | Base Score: 6.5 MEDIUM
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

l➤ Exploitability Metrics:
    Attack Vector (AV)* ADJACENT_NETWORK
    Attack Complexity (AC)* LOW
    Privileges Required (PR)* NONE
    User Interaction (UI)* NONE
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* NONE
    Integrity Impact (I)* NONE
    Availability Impact (A)* HIGH

Weakness Enumeration (CWE)

CWE-ID: CWE-401
CWE Name: CWE-401 Missing Release of Memory after Effective Lifetime
Source: silabs.com

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID: CAPEC-131
CAPEC Description: CAPEC-131 Resource Leak Exposure